API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Dec 10th, 2016
251
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.71 KB | None | 0 0
raw download clone embed print report
  1. @PostMapping("/create")
  2. public String processPost(
  3. @CurrentUser User activeUser,
  4. @ModelAttribute @Valid Post post,
  5. Errors errors){
  6. if(errors.hasErrors()){
  7. return "admin/post/create";
  8. }
  9. User user2 = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
  10. logger.info("Información del usuario mediate @CurrentUser: " + activeUser.toString());
  11. logger.info("Información del usuario mediate SecurityContextHolder: " + user2.toString());
  12. post.setAuthor(activeUser);
  13. postService.create(post);
  14. return "redirect:/admin/posts/all";
  15. }
  16.  
  17. package services.security;
  18.  
  19. import java.lang.annotation.Documented;
  20. import java.lang.annotation.ElementType;
  21. import java.lang.annotation.Retention;
  22. import java.lang.annotation.RetentionPolicy;
  23. import java.lang.annotation.Target;
  24. import org.springframework.security.core.annotation.AuthenticationPrincipal;
  25.  
  26. /**
  27. *
  28. * @author sergio
  29. */
  30. @Target({ElementType.PARAMETER, ElementType.TYPE})
  31. @Retention(RetentionPolicy.RUNTIME)
  32. @Documented
  33. @AuthenticationPrincipal
  34. public @interface CurrentUser {}
  35.  
  36. 2016-12-10 19:37:52 INFO PostController:62 - Información del usuario mediate @CurrentUser: User{id=null, username=null, passwordClear=null, confirmPassword=null, password=null, email=null, enabled=true, fullName=null, posts=[]}
  37. 2016-12-10 19:37:52 INFO PostController:63 - Información del usuario mediate SecurityContextHolder: User{id=1, username=sergio11, passwordClear=null, confirmPassword=null, password=$2a$10$LJvYTNacIvqZWDQWjF7xaeheK1MrF.FkXxovb2QgcF2CMudA1mM/., email=sss4esob@gmail.com, enabled=true, fullName=Sergio Sánchez Sánchez, posts=[]}
  38.  
  39. package config.security;
  40.  
  41. import org.springframework.beans.factory.annotation.Autowired;
  42. import org.springframework.context.ApplicationEventPublisher;
  43. import org.springframework.context.annotation.Bean;
  44. import org.springframework.context.annotation.ComponentScan;
  45. import org.springframework.context.annotation.Configuration;
  46. import org.springframework.security.authentication.DefaultAuthenticationEventPublisher;
  47. import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
  48. import org.springframework.security.config.annotation.web.builders.HttpSecurity;
  49. import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
  50. import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
  51. import org.springframework.security.core.userdetails.UserDetailsService;
  52. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  53. import org.springframework.security.crypto.password.PasswordEncoder;
  54. import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
  55. import services.security.CustomUserDetailsService;
  56. /**
  57. *
  58. * @author sergio
  59. */
  60. @Configuration
  61. @EnableWebSecurity
  62. @ComponentScan(basePackageClasses = CustomUserDetailsService.class)
  63. public class SecurityConfig extends WebSecurityConfigurerAdapter {
  64.  
  65. @Autowired
  66. private UserDetailsService userDetailsService;
  67. @Autowired
  68. private DefaultAuthenticationEventPublisher defaultAuthenticationEventPublisher;
  69.  
  70. @Bean
  71. public PasswordEncoder passwordEncoder() {
  72. PasswordEncoder encoder = new BCryptPasswordEncoder();
  73. return encoder;
  74. }
  75.  
  76. @Override
  77. protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  78. auth
  79. .authenticationEventPublisher(defaultAuthenticationEventPublisher)
  80. .userDetailsService(userDetailsService)
  81. .passwordEncoder(passwordEncoder());
  82. }
  83.  
  84. @Override
  85. protected void configure(HttpSecurity http) throws Exception {
  86. http.authorizeRequests()
  87. .antMatchers("/admin/signup").anonymous()
  88. .antMatchers("/admin/**").authenticated()
  89. .anyRequest().permitAll()
  90. .and()
  91. .formLogin().loginPage("/admin/login").permitAll()
  92. .usernameParameter("username").passwordParameter("password")
  93. .and()
  94. .logout()
  95. .logoutRequestMatcher(new AntPathRequestMatcher("/admin/logout"))
  96. .logoutSuccessUrl("/admin/login?logout")
  97. .and()
  98. .exceptionHandling().accessDeniedPage("/403")
  99. .and()
  100. .csrf();
  101. }
  102.  
  103. @Bean
  104. public DefaultAuthenticationEventPublisher authenticationEventPublisher(ApplicationEventPublisher applicationEventPublisher) {
  105. return new DefaultAuthenticationEventPublisher(applicationEventPublisher);
  106. }
  107. }
  108.  
  109. public class CustomUserDetails extends User implements UserDetails {
  110. //..
  111. public CustomUserDetails(){}
  112. //..
  113. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!